Key Findings include:
+ SaaS Security Incidents on the Rise: 55% of organizations report that they experienced an incident in the past two years, with another 12% unsure. These findings underscore that companies are coming to understand the harsh reality that common on-prem types of attacks, such as ransomware, malware, and data breaches, can also occur in their cloud SaaS environments.
+ Current SaaS Security Strategies and Methodologies Don’t Go Far Enough: The survey finds that over half (58%) of organizations estimate their current SaaS security solutions only cover 50% or less of their SaaS applications. It’s becoming clear that manual audits and CASBs are not enough to protect companies from SaaS security incidents.
+ Stakeholder Spread in Securing SaaS Apps: CISOs and security managers are shifting from being the controllers to governors as the ownership of SaaS apps are spread out through all the different departments of their organization. Alignment, communication and collaboration are key to being able to secure the organization’s SaaS stack.
+ How Organizations Are Prioritizing Policies & Processes for Their Entire SaaS Security Ecosystem: SaaS security continues to adapt to encompass the expanding broad range of concerns in the SaaS Ecosystem, including SaaS Misconfigurations, SaaS-to-SaaS Access, Device-to-SaaS Risk Management, Identity and Access Governance, and Identity Threat Detection & Response (ITDR). Organizations are putting robust policies, processes, and capabilities in place that are essential for protecting these different domains.
+ Investment in SaaS and SaaS Security Resources Are Drastically Increasing 66% of organizations have increased their investment in apps, with 71% increasing their investment in security tools for SaaS. More specifically, the survey shows that adoption of SaaS Security Posture Management (SSPM) solutions has grown significantly, increasing from 17% in 2022 to 44% in 2023. This can be attributed to the fact that SSPMs provide coverage in areas where other methods and strategies have fallen short, offering more comprehensive protection against various security risks throughout the whole SaaS Security Ecosystem.
Request Free! |